The official CERT-FI Advisory is now available:
https://www.cert.fi/haavoittuvuudet/2008/tcp-vulnerabilities.html
Tuesday, September 8, 2009
Tuesday, March 24, 2009
Sockstress TCP DoS - CERT-FI Statement Update
CERT-FI has updated their public statement about Jack C. Louis's TCP DoS findings (sockstress).
We had hoped to release information around Easter. We are still confident full details will be released this year.
We had hoped to release information around Easter. We are still confident full details will be released this year.
Friday, March 20, 2009
Jack C. Louis - The loss of a dear friend...
Jack C. Louis: Jan 5, 1977 - March 15, 2009
It's been nearly a week and I still don't have the words. For now, I'll just state the facts. We lost Jack last Saturday night in a tragic fire at his home.
His family has been informed, and now many of his friends are also finding out.
Many are sending in their thoughts about, pictures, and memories of Jack. To contribute, please visit the Jack C. Louis memorial page that his family has created.
The memorial service has been scheduled for Friday May 1, 2009 in Huntington Beach, California. For details, see this facebook event.
Tuesday, March 10, 2009
Good to be back...
So yes, it's official... I am back in the states. I look forward to reconnecting with all you on this side of the pond.
Outpost24 is working on some very cool and fun things right now. More information to come.
--Robert
Outpost24 is working on some very cool and fun things right now. More information to come.
--Robert
Friday, January 9, 2009
Unicornscan on Debian - Some updated notes...
I received this message from an ISECOM partner :
*** Update ***:
See this post by GEEKOOL for detailed instructions for getting unicornscan installed on Ubuntu.
During our last OPST class we had some trouble getting unicornscan to run on two debian lenny machines (most likely it will be the same on etch and maybe *buntu), causing problems on our network. It wasn't the fault of unicornscan, more a "know your tools"-thing which took us quite some time to figure out:Just posting this in case any other debian users run into this issue.
In the INSTALL you refer to libdnet, which is in fact now called "libdumbnet1" on Debian systems. Just using an "apt-get install libdnet" on Debian installs the DECnet Libraries which then change the MAC-address of the ethernet adapter to something like "aa:00:04:00:0a:04" (which is a pretty bad thing since all systems that do so now have the same MAC-Address ;)). After removing the libdnet-packages and restarting the interfaces, everything was back to normal.
*** Update ***:
See this post by GEEKOOL for detailed instructions for getting unicornscan installed on Ubuntu.
Tuesday, December 16, 2008
TCP DoS tool (Complemento)...
Kelly Higgins just posted a quick article about a new TCP DoS tool (Letdown, part of Complemento) that is based on Gordon's description of his Ndos (Network DoS) tool.
Letdown is a simple connection flood tool with a TCP payload option. Other tools have done this attack before. In fact, with a very small modification, unicornscan could be made to perform this attack.
Just wanted to point out that the TCP DoS stresses Jack Louis discovered are not simple connection floods. We are not concerned about this tool being released, as it is not really related.
Letdown is a simple connection flood tool with a TCP payload option. Other tools have done this attack before. In fact, with a very small modification, unicornscan could be made to perform this attack.
Just wanted to point out that the TCP DoS stresses Jack Louis discovered are not simple connection floods. We are not concerned about this tool being released, as it is not really related.
Thursday, December 11, 2008
Fnta [Error fantaip.c:428] short packet!!!!
We've had users reporting a problem with fantaip. When they run fantaip they get the following error back:
# fantaip -i eth1 192.168.1.20
Fnta [Error fantaip.c:428] short packet!!!!
We have found this to be a problem with autoconf not finding attribute support in gcc.
To compile fantaip without this problem:
1) wget http://unicornscan.org/releases/unicornscan-0.4.7-2.tar.bz2
2) wget http://unicornscan.org/releases/attributemissing.patch
3) tar jxvf unicornscan-0.4.7-2.tar.bz2
4) cd unicornscan-0.4.7; ./configure
5) patch -p1 < ../attributemissing.patch
6) make install
If you look at the patch, it's only changing one line to enable HAVE___ATTRIBUTE. We'll get a configure workaround in the next release.
# fantaip -i eth1 192.168.1.20
Fnta [Error fantaip.c:428] short packet!!!!
We have found this to be a problem with autoconf not finding attribute support in gcc.
To compile fantaip without this problem:
1) wget http://unicornscan.org/releases/unicornscan-0.4.7-2.tar.bz2
2) wget http://unicornscan.org/releases/attributemissing.patch
3) tar jxvf unicornscan-0.4.7-2.tar.bz2
4) cd unicornscan-0.4.7; ./configure
5) patch -p1 < ../attributemissing.patch
6) make install
If you look at the patch, it's only changing one line to enable HAVE___ATTRIBUTE. We'll get a configure workaround in the next release.
Subscribe to:
Posts (Atom)
